On 31/08/14 01:47, Ingo Klöcker wrote:
On Saturday 30 August 2014 23:11:17 TJ wrote:
On 30/08/14 22:20, Ingo Klöcker wrote:>
I strongly suggest that you have a look at using some Python binding for
gpgme instead of messing around with gpg. gpgme is _the_ library for
using GnuPG in ot
On 30/08/14 22:20, Ingo Klöcker wrote:
On Thursday 28 August 2014 22:53:52 TJ wrote:
The aim/hope was to combine the plaintext and detached signature into
the armored clearsign format and thus avoid needing to write one of
them to the file-system (the other can be supplied via stdin).
You can
I've finally pinned down the issue. The manipulation of the plaintext by
clearsign results in the message digest
being calculated on different plaintext, as per RFC4880 7.1 Dash-Escaped Text:
"As with binary signatures on text documents, a cleartext signature is
calculated on the text using c
On 29/08/14 19:03, Ingo Klöcker wrote:
On Thursday 28 August 2014 22:53:52 TJ wrote:
I've recently been digging deep into the source-code trying to
understand what the differences are between --clearsign and
--detach-sign signatures.
The RFC is probably much easier to read than the s
I've recently been digging deep into the source-code trying to understand what
the differences are between
--clearsign and --detach-sign signatures.
This came about whilst writing code that calls on "gpg --verify" on detached
signatures; specifically Debian APT
archives that contain "Release" (
